39af8e4fdad5a13cfd9e811a025c4955238045deda34455dae93890e6b1bc982 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39af8e4fdad5a13cfd9e811a025c4955238045deda34455dae93890e6b1bc982
Size

247KB
Sample

221107-qxwpsshhd6
MD5

05af9bc7cb54a9d51b3715ad39a44171
SHA1

c2710c0f089a545e81f0f1a58bd431f61a64fbd4
SHA256

39af8e4fdad5a13cfd9e811a025c4955238045deda34455dae93890e6b1bc982
SHA512

451014f1960f60892f4dae6ca435082c15cbedf819ae22bc06cc3409ace0ebe18525434cd1533cf729b708838c3d23045d5f5a8ae256ede6e1c3762b9a5a91a3
SSDEEP

6144:kCrwdtJJBN9QNgcXhGZmzt0ksw2hDZU1NTgoz:HUdtqsK0oiUrUoz

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  39af8e4fdad5a13cfd9e811a025c4955238045deda34455dae93890e6b1bc982
- Size
  
  247KB
- MD5
  
  05af9bc7cb54a9d51b3715ad39a44171
- SHA1
  
  c2710c0f089a545e81f0f1a58bd431f61a64fbd4
- SHA256
  
  39af8e4fdad5a13cfd9e811a025c4955238045deda34455dae93890e6b1bc982
- SHA512
  
  451014f1960f60892f4dae6ca435082c15cbedf819ae22bc06cc3409ace0ebe18525434cd1533cf729b708838c3d23045d5f5a8ae256ede6e1c3762b9a5a91a3
- SSDEEP
  
  6144:kCrwdtJJBN9QNgcXhGZmzt0ksw2hDZU1NTgoz:HUdtqsK0oiUrUoz
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2